Skip to content
0x4B1T

Friendship with Google: Dorks

1_yv9_F6EfnpkoQOSatgGZkQ

Date : 21 Jun 2024 Friday

Hello amazing hacker! How are you doing? I hope you’re doing well.
In this article, we will explore why professional hackers always say, “Google is your best friend.

Table of Content

Section titled “Table of Content”
  1. Introduction
  2. Why Google?
  3. Google Dorking
  4. Usefull Dorks you should know about
  5. Refrence
  6. Closing words

Introduction

Section titled “Introduction”

As we all know, information gathering (reconnaissance) is crucial before launching any attack.
During recon, you may discover valuable pieces of information — critical parts of the puzzle that help you find high-severity vulnerabilities on your target.

Why Google?

Section titled “Why Google?”

Google is a powerful and widely-used search engine, used by almost everyone who owns a digital device.
It supports various filters and operators that help you search more effectively and retrieve information that is not easily accessible.

Google Dorking

Section titled “Google Dorking”

Google dorking (also called Google hacking) is an advanced search technique using custom queries that include different search filters and operators, known as dorks.

By using dorks smartly, you can extract sensitive information, discover misconfigurations, and find potential vulnerabilities in a target system.

Usefull Dorks you should know about

Section titled “Usefull Dorks you should know about”

site:eaxmple.com - To get results from specific sites :- Use , for seprating diffrent strings (sequence of character) inurl:admin- Searching for pages having specified string in URL. intitle: - Search for pages having matching string in title like ‘index of’. ext - searching for files having certain extension. filetype: - searching for certain type of file. | (OR) - searching with condition. Get result from this site or from this site.

  • (Minus) - Excluding results link: - search for web pages that are linked with specific site.
  • (Wildcard) - It takes position for character or set of characters. ” ” - searching for pages having matching phrase.

Examples of combination of operators

Section titled “Examples of combination of operators”

Finding subdomains

Terminal window
site:*.example.com

Finding usefull or vulnerable pages

Terminal window
site:example.com inurl:/app/kibana

Compnay resouces hosted by third party

Terminal window
site:s3.amazon.com example.com

Finding pages containing sensitive data

Terminal window
site:example.com "password,admin,keys,tokens"

Searching pages linked with target

Terminal window
link:*.example.com

This are some simple but useful example of google dorks to make the concept more clear. You can make your own dorks for gathering more info about target

Reference

Section titled “Reference”

You can find more useful dorks here : https://www.exploit-db.com/google-hacking-database

Closing words

Section titled “Closing words”

Don’t forget to share this blog with your friends to spread knowledge in the InfoSec community. Follow to stay connected for more informative articles.

Thankyou, Happy Hunting :)